The background description provided herein is for the purpose of generally presenting the context of the disclosure. Unless otherwise indicated herein, the approaches described in this section are not prior art to the claims in this disclosure and are not admitted to be prior art by inclusion in this section.
Wireless local-area-networks (WLANs) often enable computing devices to exchange data or obtain services of a network via a wireless access point. When deployed in public settings, access points are typically managed as hotspots, which provide users with internet access or other services for a one-time or subscription-based fee. To access the Internet or these services, a user can register with a service provider that controls the hotspot. Once registered with a service provider, a user may be authenticated, which allows the user to access resources available through the hotspot whenever the user is within range.
When a user initially encounters a hotspot managed by the service provider, however, the authentication process to access the resources may not be secure. The authentication process is often based on credentials provided by a server associated with the service provider. Details of these credentials, though, are not verifiable by the user because an address of the server providing the credentials is obscured by communication protocols employed by hotspots. Malicious entities with forged credentials can imitate or corrupt the authentication process because the user is unable to verify a validity of a server providing the credentials. Once the authentication process is corrupted, the malicious entity can direct the user to unsecure or corrupted network resources enabling information communicated by the user to be compromised or stolen.